Website Security News
Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam pages. It didn’t last long. Soon after the publication of that article, the bad actors changed the links to use compromised…
If I were to ask if you could trust a script from Google that is loading on your website, the majority of users would say “yes” or even “absolutely”. But…
Read More about Malicious Activities with Google Tag Manager
Over the last few weeks, we’ve noticed a JavaScript injection in a number of WordPress databases, and we recently wrote about them in a Sucuri Labs Note. The campaign attempts…
Read More about Reverse Javascript Injection Redirects to Support Scam on WordPress
As consumers prepare to take advantage of the discounts and promotions for the Black Friday and Cyber Monday ecommerce holidays, bad actors are crafting fraudulent websites, phishing, and malware campaigns…
Read More about How to Avoid Malicious Cyber Monday Campaigns
In the last few months, we noticed an increase in attacks targeting ecommerce platforms aiming to steal credit card information. We saw a similar rise last year after the summer…
Read More about Ecommerce Security: Fake Jquery Used as CC Scraper
A malicious redirect is a snippet of code used by attackers with the intention of redirecting visitors to another site; a very common tactic seen in compromised websites. These redirects…
Read More about Expired Domain Leads to WordPress Plugin Redirects
Some website hacks aim to make some political statements. Defacements are well known for this. Some infections redirect visitors to scam sites that push (usually counterfeit) goods or (often illegal)…
Read More about Website Malware: Unwanted Exit to YourBrexit
We’ve been watching a specific WordPress infection for several months and would like to share details about it. The attacks inject malicious JavaScript code into almost every .js file it…
Read More about WordPress Security – Unwanted Redirects via Infected JavaScript Files
One of the worst experiences for a website owner is finding out that the search results for your site have turned into a pharmacy, a fashion outlet, or even a…
Read More about Joomla Security – Pornography Spam Campaign in the Wild
During a recent malware investigation, we found some interesting obfuscated Javascript code. This code pretends to appear as part of the popular AddThis social sharing plugin, using it in URL…
Read More about JavaScript Injections Leads to Tech Support Scam
When a website is hacked, we often find that attackers have injected multiple backdoors, web shells, and malicious code that allows them to regain access if the original vulnerability is…
Read More about Fake bb_press Plugin Redirects to Mobile Pornography
